Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa
File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json)
Hash identifier: 5YwVKsjWsIt0eEaDstrjZusgC1w6s+qBLt15/IhoWyI=
Subject key identifier: A6:56:A5:3E:D0:71:FC:01:F9:54:42:17:7E:0C:5B:6C:99:4C:35:DA
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 36367C720EA4D5F0706343C97A0A6F7734EB499A
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80ff:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:36:7c:72:0e:a4:d5:f0:70:63:43:c9:7a:0a:6f:77:34:eb:49:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=fa8d43a81fc2bd37c02238030b338f12e052dcd7e794ef9bf4e5de0db12eb7cd, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1a:ec:ba:07:b5:7e:86:db:0d:32:57:81:cb:
75:02:e6:fb:31:81:66:6a:4d:e4:52:ab:0e:7b:7a:
66:9f:40:7a:e8:7d:dc:59:f1:2b:15:1b:bf:6f:41:
73:7a:03:99:14:db:7e:a3:14:d9:1e:24:60:0a:29:
a8:39:a1:49:f7:a1:7a:ec:00:26:59:44:ed:6d:a4:
01:54:02:ed:93:6d:59:fd:33:ae:f0:f7:f0:0d:ed:
bd:3f:a5:e4:f0:a5:5e:d1:83:26:68:fc:c3:52:4f:
bf:d8:2f:87:61:8f:93:30:e8:f4:28:60:ab:ee:fb:
35:9c:5d:1d:c2:8d:ae:0a:9a:ea:e2:77:06:cd:7b:
e8:d7:a5:59:91:90:98:33:6a:30:80:08:7c:d7:50:
1f:ff:ef:81:c4:d2:0f:7a:e1:93:0f:11:70:57:74:
6e:33:f2:21:62:bb:47:27:d8:05:bc:cc:59:61:6c:
34:48:43:f3:5f:ee:4e:52:7e:a9:e1:f7:3e:f2:a8:
60:64:62:7d:15:42:62:6a:27:8a:36:7d:44:7f:c4:
1b:aa:e1:78:1f:cf:a8:22:90:15:eb:ba:9d:81:0d:
60:b9:8a:a2:53:df:78:57:35:4e:6c:b6:66:eb:d8:
20:f6:3a:52:c4:5d:ba:98:89:44:b5:1b:31:06:d4:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:56:A5:3E:D0:71:FC:01:F9:54:42:17:7E:0C:5B:6C:99:4C:35:DA
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80ff:8000::/40
Signature Algorithm: sha256WithRSAEncryption
52:9c:e1:30:87:ea:4e:14:fd:7f:b5:40:d2:96:fb:17:24:a5:
49:48:95:f4:ca:9c:29:4b:a2:6c:f4:3d:15:cd:b4:dc:d0:9a:
ed:2c:8d:9f:43:ca:49:ea:f0:98:0c:3d:96:cf:e6:02:ae:03:
8b:96:73:7a:93:96:3d:75:e2:95:b7:c4:6b:dd:7b:7a:ff:73:
7f:ea:2b:b6:74:1c:08:a7:a1:dd:03:52:ee:34:0b:f3:b9:d7:
02:b5:80:28:70:fd:13:5a:f3:83:09:75:28:5f:fd:01:91:7f:
72:e6:fc:1b:21:fe:e5:50:a9:65:10:20:65:88:0a:f1:79:c0:
8c:f0:2d:a8:08:cb:63:72:6f:e3:3f:35:c1:92:47:9e:ea:11:
ef:6c:ee:fd:d9:73:97:1d:df:d5:4f:dd:14:59:e8:ed:57:fe:
cb:79:ea:68:42:39:2d:e5:e3:51:72:21:86:4a:06:ef:08:3b:
12:cc:ba:17:a9:9c:4e:52:06:b9:1e:bf:b5:ad:86:ae:e6:5d:
93:3e:a4:bd:95:cc:6e:4b:65:93:ed:1e:4a:45:48:89:a9:53:
ee:76:e7:d1:b6:d3:05:62:4e:8b:6a:0e:84:6e:de:15:fa:e6:
70:f2:d9:69:d0:3e:4f:bd:90:fd:37:b8:37:79:e7:af:01:1b:
bf:44:1d:d5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNjZ8cg6k1fBwY0PJegpvdzTrSZowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAZmE4ZDQzYTgxZmMyYmQzN2MwMjIz
ODAzMGIzMzhmMTJlMDUyZGNkN2U3OTRlZjliZjRlNWRlMGRiMTJlYjdjZDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRrsuge1fobbDTJXgct1Aub7MYFm
ak3kUqsOe3pmn0B66H3cWfErFRu/b0FzegOZFNt+oxTZHiRgCimoOaFJ96F67AAm
WUTtbaQBVALtk21Z/TOu8PfwDe29P6Xk8KVe0YMmaPzDUk+/2C+HYY+TMOj0KGCr
7vs1nF0dwo2uCprq4ncGzXvo16VZkZCYM2owgAh811Af/++BxNIPeuGTDxFwV3Ru
M/IhYrtHJ9gFvMxZYWw0SEPzX+5OUn6p4fc+8qhgZGJ9FUJiaieKNn1Ef8QbquF4
H8+oIpAV67qdgQ1guYqiU994VzVObLZm69gg9jpSxF26mIlEtRsxBtTcBwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKZWpT7QcfwB+VRCF34MW2yZTDXaMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAFKc4TCH6k4U/X+1QNKW
+xckpUlIlfTKnClLomz0PRXNtNzQmu0sjZ9Dyknq8JgMPZbP5gKuA4uWc3qTlj11
4pW3xGvde3r/c3/qK7Z0HAinod0DUu40C/O51wK1gChw/RNa84MJdShf/QGRf3Lm
/Bsh/uVQqWUQIGWICvF5wIzwLagIy2Nyb+M/NcGSR57qEe9s7v3Zc5cd39VP3RRZ
6O1X/st56mhCOS3l41FyIYZKBu8IOxLMuhepnE5SBrkev7Wthq7mXZM+pL2VzG5L
ZZPtHkpFSImpU+5259G20wViTotqDoRu3hX65nDy2WnQPk+9kP03uDd5568BG79E
HdU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:38:45 2025 by rpki-client